Sikur is defining the future of secure communication. Operating globally, it has offices in Latin America, United States, and Europe. Sikur works alongside governments and corporations that believe security is fundamental to the integrity of their work. We believe that security is not only about platforms and digital systems but is a mindset that surrounds every aspect of business.

Search

Tag: Privacy

So far this year (and there’s still one more day), Verizon reported that there have been 2,216 confirmed data breaches across 65 countries. Even more disturbing, perhaps, is that 68 percent of those breaches took months for the breached companies to discover. If that’s not disturbing enough, 28 percent of those incidents were perpetuated by insiders. More than half of those breaches by outsiders were done by members of organized crime.

According to the report, cybercrime touched nearly every sector throughout 2018, including those that may seem less obvious, like education or manufacturing — and for one obvious reason: the money. There were a few noteworthy headliners. For example, Marriott, Facebook and a database marketing firm by the name of Exactis exposed the records of roughly 300 million people. So, as we turn the page to 2019, a year that will no doubt see more of the same, here’s another look at those that made The Best Of The Worst Things To Happen In 2018 list.

Facebook

Facebook’s 2018 regarding the stewardship of user data and privacy was one it would like to soon forget. The most eye-catching — and headline-generating — of those lapses was the Cambridge Analytica scandal, which saw the data of 87 million Facebook users end up in the hands of a political consultancy.

That incident, however, is not why Facebook makes this list. While the intricacies of how exactly Cambridge Analytica gathered the data are still somewhat contested, no one is disputing that it got access to customer data that it wasn’t supposed to have.

Facebook makes this list due to its late-September revelation that roughly 50 million of its users had their data exposed through an attack on its network. The social media giant found that attackers were able to take control of user accounts through a function within the platform’s code, according to reports. In the aftermath of the breach, about 90 million Facebook users had to log out while Facebook fixed the vulnerability and consulted the authorities.

Two recently published surveys about the telecom industry revealed that privacy as it relates to security and the internet of things (IoT) has become a top concern for both businesses and consumers.

Allot Telco’s security trends report for 2018’s third quarter found that 50% of consumers polled were concerned about loss of privacy or a cyber-attack. Additionally, 72% of the consumers surveyed stated that they were willing to pay a monthly fee, averaging at $5.26, for an IoT security service, and 16% of those who would buy security services would make that investment in their internet service providers (ISPs).

More than 1,200 consumers across 10 different countries participated in the survey, which found that “to improve the security posture of homes and connected devices, the following must occur: Security at the device level must improve and security must be delivered at the network level.”

Similar sentiments were mirrored in the recent 2018 Annual Industry Survey,published by Telecoms.com, which showed that 75% of the 1,500 executives from global telecom industries who participated in the survey said that privacy was the key concern of consumers living in a highly connected smart home, followed by identity theft, fraud and vandalism through hacking into connected devices.

While the unusual technique reportedly employed by the MP Steve Baker does work, there are easier ways to ensure your privacy

We have all had conversations that made us want to destroy our phones in rage, but that is not why Theresa May’s nemesis, the Brexiter MP Steve Baker, apparently put his in the microwave.

According to reports, Baker – who led the campaign last week to trigger a vote of no confidence in the Tory leader – is paranoid about surveillance and keeps his phone in the microwave overnight to avoid being “bugged”.

To be fair to Baker, he is right – at least about the microwave. The metallic mesh on the door of a typical oven forms a Faraday cage on the outside of the cooker, preventing the energetic microwaves from cooking you as they cook your meal. Put a phone in there and the barrier will work just as well to prevent any signals getting in or out. If you are really concerned, 30 seconds at 800W will definitely prevent any further eavesdropping for good (and may destroy your kitchen, too).

But there are more convenient ways of achieving the same end. For £20, you can buy a “Faraday bag” – a small pouch with the same mesh built in – allowing you to achieve signal blackout while keeping your microwave free for reheating last night’s dinner. Even better for Baker, the bag in question is made in Britain, thus ensuring continued supply in the event of a no-deal Brexit.

London– Microsoft CEO Satya Nadella has called on technology companies to defend users’ privacy as human right, urging firms and governments to collectively work together to protect the most vulnerable section in society.

Speaking at an event “Future Decoded” here on Thursday, Nadella applauded the European Union’s General Data Protection Regulation (GDPR) as first step towards securing data privacy, The Registrar reported.

“All of us will have to think about the digital experiences we create to treat privacy as a human right,” Nadella was quoted as saying.

“GDPR as a piece of legislation, a piece of regulation is a great start and we’ve done a lot of hard work to become compliant with GDPR,” Nadella added, adding that the companies need to develop ethical standards around Artificial Intelligence (AI).

Nadella said that 54 Azure Cloud regions worldwide is “more than any other provider”.

According to him, underwater data centres will play a key role in expanding Microsoft’s Cloud computing platform.

Under its “Project Natick”, Mictosoft has already deployed a 40-foot data centre pod on the seafloor off the coast of Scotland.

“Since 50 per cent of the world’s population lives close to water bodies, we think this is the way we want to think about future data centre expansion,” Nadella said.

Microsoft also unveiled an AI report titled “Maximising the AI Opportunity” for businesses.

The company announced at the event that the health agency NHS Scotland will deploy Office 365 to all of its 161,000 employees, moving away from a complicated organisation that included more than 100 separate computer systems.

New MediaPRO study also finds that management performed worse than entry- and mid-level employees in how to handle a suspected phishing email.

Despite concerted efforts by many US organizations to improve security awareness among users, a new study shows they still have a long way to go.

Some 75% of respondents today pose a moderate or severe risk to their company’s data, according to MediaPRO’s third annual State of Privacy and Security Awareness Report, and 85% of finance workers show some lack of data security and privacy knowledge.

Tom Pendergast, chief security and privacy strategist at security awareness and training provider MediaPRO, says the firm surveyed more than 1,000 employees across the United States to quantify the state of privacy and security awareness in 2018. More people fell into the risk category this year than in 2017 – and that number had nearly doubled since the inaugural survey, he says.

“The overall results revealed a trend we weren’t happy to see, that employees performed worse across the board compared to the previous year,” Pendergast says. “While I think there’s a certain amount of security fatigue from news of all the attacks, if in five years I don’t see significant change I will be surprised. There’s both a cultural a business awareness of the need to do good work in this area.”

MediaPRO based its study on a variety of questions that focus on real-world scenarios, such as correctly identifying personal information, logging on to public Wi-Fi networks, and spotting phishing emails. Based on the percentage of privacy and security-aware behaviors, respondents were assigned to one of three risk profiles: risk, novice, or hero.

Here’s a thumbnail of some other notable findings:

1. Employee performance was worse this year across all eight industry verticals measured. Respondents did much worse in identifying malware warning signs, knowing how to spot a phishing email and social media safety.

Spies are increasingly hacking into the smartphones of political opponents and dissidents around the world, security researchers say, giving them access to data far more sensitive than what most people keep on personal computers.

Mobile-security firm Lookout Inc. counted 22 phone-hacking efforts in the first five months of this year that appeared to be government-backed. Most targeted political opponents in developing nations, Lookout said. The company’s researchers identified just two such efforts in all of 2015.

The increase is being driven by the proliferation both of low-cost smartphones and of companies selling spyware and hacking tools to access them, said Claudio Guarnieri, a security researcher with the human-rights group Amnesty International. Most hacking efforts now target mobile phones, Mr. Guarnieri said, while in 2015 the majority still involved personal computers.

“It is one thing to compromise someone’s computer,” said Mike Murray, Lookout’s vice president of security research. “It’s another thing to have a listening device that they carry around with them 24 hours a day,”

The government-sponsored surveillance of mobile phones comes as more hackers of all stripes gain access to the devices. Turned against their owners, the phones can become powerful espionage tools, researchers say. Spies can monitor a user’s contacts, communications, travel history and even their financial transactions.

The trend pits outfits that craft spyware tools against the cybersecurity companies and device makers trying to defend user privacy. AppleInc.and AlphabetInc.’s Google both say they are committed to keeping their devices secure. But researchers say malicious software often exploits known bugs on phones that haven’t been patched and hackers also sneak malicious software into app stores. Antivirus vendors such as McAfee Inc. and Symantec Inc. see mobile-device protection as an important market for future sales.

The tools and expertise needed to create malicious software for mobile phones have become more common and less expensive, said Raj Samani, McAfee’s chief scientist. As a result, close to 11% of mobile-phones world-wide had some sort of infection in the fourth quarter of 2017, McAfee said, up from about 7.5% during the same period of 2015.

There have been calls for an immediate independent review after a new Privacy International investigation revealed that police are secretly extracting large volumes of highly sensitive data from UK users’ phones – even those not suspected of any crime.

The Digital Stop and Search report builds on previous research from the Bristol Cable in January last year detailing how law enforcers were investing hundreds of thousands intrusive UFEDs (Universal Forensic Extraction Devices) from the likes of notorious Israeli vendor Cellebrite.

Privacy International received FOI responses from 47 police forces and 26 of them (55%) admitted using the technology, with a further 17% trialing or planning to trial it. The data extraction has been going on in some form for over six years.

Such tools can find data even the user may not know they have on their device, including: emails, messages, GPS locations, call data, photos, contacts, calendar info, web browsing, social media accounts, online banking, health and fitness data, cloud storage and much more.

It is extracted from self-service kiosks at the police station, from frontline support service ‘hubs’ serving several forces, or via portable mobile phone extraction kits when out and about, the report revealed.

Privacy International’s concern is that data is often extracted without the user’s knowledge, stored insecurely and for an indefinite time, and taken not just from suspects but also victims and witnesses – even for investigations of low-level crimes.

There’s confusion among the police over the legal basis for this activity, stemming from a lack of national and local guidance, PI claimed.

Xkeyscore. MAC addresses. OAKSTAR. MONKEYROCKET. Edward Snowden is at it again. This time the world’s most notorious whistleblower has handed over National Security Agency (NSA) documentation to online investigative news outlet The Intercept revealing an invasive covert program to track bitcoin users using spy tools he uncovered during his infamous first go-round. The implications include the future of privacy along with warrantless data collection being used to prosecute bitcoiners such as Ross Ulbricht of Silk Road.

Snowden Reveals How NSA Tracked Bitcoin Users

Ever get the feeling you’re being watched? Department of Homeland Security (DHS) Acting Assistant Secretary for Legislative Affairs Brian de Vallance, in a November 2013 letter to Congress, worried that “with the advent of virtual currencies and the ease with which financial transactions can be exploited by criminal organizations, DHS has recognized the need for an aggressive posture toward this evolving trend.” Infamous whistleblower Edward Snowden seems to have found a trove of heavily redacted, classified NSA documents attesting to that “aggressive posture.”

It’s fitting Mr. Snowden should share them with The Intercept, an online investigative news organization founded by his benefactor, attorney turned journalist Glenn Greenwald. Mr. Greenwald was then writing for The Guardian, and the two unleashed the largest batch of government security documents ever revealed about US and UK global surveillance.

.

Interestingly, the documents tracking bitcoin users stem from roughly the same period, 2013. They detail bitcoiners all over the world were targeted as powers granted the NSA under the rubric of fighting terrorism expanded, and might have even begun to play a role in early crypto prosecutions such as Ross Ulbricht and Silk Road.

American Civil Liberties Union’s Patrick Toomey, of its National Security Project, explained, “If the government’s criminal investigations secretly relied on NSA spying, that would be a serious concern. Individuals facing criminal prosecution have a right to know how the government came by its evidence, so that they can challenge whether the government’s methods were lawful. That is a basic principle of due process. The government should not be hiding the true sources for its evidence in court by inventing a different trail.”

Unlike the communities traditionally associated with the word “anarchy”, in a crypto-anarchy the government is not temporarily destroyed but permanently forbidden and permanently unnecessary. It’s a community where the threat of violence is impotent because violence is impossible, and violence is impossible because its participants cannot be linked to their true names or physical locations.

A February 6, 2018 headline in Reason magazine warned, “Governments Hate Bitcoin and Cash for the Same Reason: They Protect People’s Privacy.” The ensuing article spun off a quote from U.S. Treasury Secretary, Steve Mnuchin, “One of the things we will be working very closely with the G-20 on is making sure that this doesn’t become the Swiss numbered bank accounts.” Mnuchin rejects decentralized crypto as payment, investment, or savings systems because it cannot be easily tracked by government.

Privacy is the battleground upon which cryptocurrency will ultimately rise or fall. The engine of crypto, the blockchain, is founded on the premise of anonymity or pseudonymity. The blockchain was specifically designed to obsolete “trusted third parties,” such as central banks, which act as data-collection centers for government.

Wei Dai and Mnuchin may seem to be polar opposites on privacy, but they are saying much the same thing, although their conclusions are antithetical. Privacy prevents violence.

For Wei Dai, this is a good thing. Privacy is overwhelmingly positive for individuals because it empowers and protects them against government. Privacy can cloak genuine acts of violence or fraud, of course, just as free speech can promote lies; every tool can be a weapon. More often than not, however, the violence prevented is wielded by government against those who flaunt authority: tax evaders, dissenters, regulation breakers, gray or black marketeers, drug dealers and users. Government punishes scofflaws, whether or not the laws are just or despite the fact that participants consented. To cryptoanarchists, like Wei Dai, no crime has occurred unless a person is injured or property is damaged. The violence occurs when a third party forcibly intervenes between consenting adults or people minding their own business.

For Mnuchin, privacy’s role in preventing violence is a bad thing because he administers government coercion against peaceful individuals. Of course, he does not call it violence; he calls it law enforcement. That doesn’t change the fact that government agents are pointing guns at peaceful scofflaws, not at the behest of any participant, but over their objections.